Malicious actors have found a way to hide malware in Ethereum smart contracts, as per a recent report. On Sep. 3, the software security firm ReversingLabs released a report as per which hackers used code to hide command-and-control (C2) instructions for two Node Package Manager (NPM) packages. Node Package Manager (NPM) is the default package manager for Node.js, used to install, manage, and share reusable code packages (also called modules) for JavaScript projects. The dangeous code allowed the malware to evade security detection and ask for the next-stage payload location instead of hard-coding links in the package ... (full story)